The Rise of the Compliance Guru—and Banker Ire
To hear Jamie Dimon tell it, regulation and the cost of compliance are becoming a threat to the American dream.
“In the old days, you dealt with one regulator when you had an issue, maybe two,” the JPMorgan Chase CEO said on a call with investors in January. “Now, it’s five or six. It makes it very difficult and very complicated. You all should ask the question about how American that is.”
Several tax brackets down from Dimon, Justin “the Compliance Guru” Hall is betting that Dimon’s scourge will, by contrast, ensure his own upward mobility. Hall, 28, is a compliance officer at Charles Schwab Corp.’s retail bank. He and thousands of others like him, at every company in finance, are charged with keeping their revenue-obsessed colleagues on the right side of the rules. Compliance, not banking, has been the real growth business since 2008, when free-market liberties turned to liabilities and markets collapsed.
Hall, who uses the self-awarded “guru” designation on his LinkedIn profile, couldn’t be happier with his choice of career. “There’s definitely no shortage of opportunity,” he says. “You’re usually involved with all the big dogs in the company. Your visibility is huge.”
Dimon, meantime, seems grumpy. Sections of a letter he wrote to shareholders in April sound like they were penned by Ayn Rand’s ghost. He complains about wasting face time with investors discussing regulation. “Very little time is spent talking about the actual business, like client transactions, market share gains, or other business drivers,” he writes.
The rivalry between “actual business,” as Dimon calls it, and compliance may have started when Leviticus warned against using dishonest weights and scales and withholding a worker’s wages overnight. It probably heated up when the ancient Romans began regulating little companies called societates. It most definitely intensified in the early 1900s when President Teddy Roosevelt pressed Congress to regulate food, finance, and the rails. Compliance with money-laundering statutes became top of mind for Western governments after 9/11, when the aim became stopping terrorists, not just drug dealers.
Business and regulators fight constantly over compliance, and some of the bloodiest trenches in this war are inside companies, where salespeople see themselves as elephant hunters and tag compliance employees as “internal control freaks” or the “sales prevention team.”
“Sales is all about getting a yes,” says Darrell Coleman, chief compliance officer at DynCorp International. “My job is to say no.” DynCorp, controlled by buyout firm Cerberus Capital Management, is like a temp agency for the hardest jobs in the world. It has trained police forces in Afghanistan and fixed military aircraft in Iraq. It is Coleman’s job to make sure no one bribes a defense ministry official to get a contract in, say, Saudi Arabia. “The world runs on baksheesh,” he says.
On Wall Street, the task is to stop insider trading, collusion, and money laundering, among other things. And there’s been plenty of each. JPMorgan alone has paid a total of $36 billion in settlements and fines since 2008. Some of the highlights: selling securities constructed from “toxic” mortgages, according to the U.S. Department of Justice ($13 billion); failing to report questionable activity by Ponzi schemer Bernard Madoff ($1.7 billion); and, most recently, colluding to rig foreign-exchange rates ($1.9 billion to a host of regulators).
Compliance types point to these big numbers as proof that hiring a few of their ilk really pays off. JPMorgan has hired 8,000 compliance and control people since the crisis. Employees completed 800,000 hours of compliance training in the bank’s mortgage business alone in 2014. (And since his April letter, Dimon has clarified that he has no problem admitting wrongdoing and paying the price for mistakes.)
If you work in compliance, those figures add up to job security. Better yet, regulators are now enticing compliance people with big sums for snitching. In April, the U.S. Securities and Exchange Commission announced a whistle-blower award of at least $1.4 million to a corporate compliance officer, only the second one ever. (The first was $300,000, in August 2014.) The compliance person reported malfeasance, but management didn’t do anything to stop it, so the SEC rewarded the tip. No details, not even the company’s name, are public, to protect the whistle-blower.
In another era, someone like Justin Hall might have gone into plastics, or semiconductors, to make his fortune. Growing up in Chandler, Arizona, Hall spent half his time living in a trailer park with one of his divorced parents. He sold phone books and magazines door-to-door, then switched to selling phone service for WorldCom, where his charm helped him pull down $98,000 the year he turned 17. “I have a knack for picking up people’s cues,” he says.
He got into financial services in 2005 at age 18, right out of high school, through a neighbor who worked at Bank of America and told him about a job there as a credit risk analyst. After a promotion, Hall ended up on a BofA team examining Countrywide Financial and its assets before the bank took a $2 billion stake in the troubled lender in 2007. That got him into compliance. He went to college, earning a bachelor’s degree in project management and finance from the University of Phoenix in 2012 and a master’s in management of information systems from Arizona State in 2014. He joined Schwab’s in-house bank, based in Phoenix, in October, working on an oversight program for ensuring that third-party vendors comply with banks’ risk regulations.
“These people are in great demand,” says Maurice Gilbert, founder of Conselium, a headhunting firm in Dallas. Gilbert used to do executive searches for all sorts of positions. “Then, about eight or nine years ago, we got a compliance search,” he says. “And then we got another one. And we said, ‘Is this the tip of the iceberg?’”
It was. Now, compliance is all Gilbert does. His biggest payday usually comes when he places a chief compliance officer. These people sometimes report straight to the board of directors, and they make really good money, Gilbert says. In April, a very large pharmaceutical company had him looking for a compliance head to come aboard at $1.5 million a year.
The jobs pay well in part because compliance people take on considerable risk. The dark side to those whistle-blower awards is that the U.S. government can hold compliance officers personally liable for lapses in their programs. And it does. In December, the U.S. Treasury’s Financial Crimes Enforcement Network fined Thomas Haider, the former chief compliance officer for MoneyGram International, $1 million for failing to make sure his company followed anti-money-laundering rules in 2007 and 2008. In May, Haider asked a federal court in Minnesota to dismiss the complaint, saying such a penalty can’t be sought against an individual and that any legal action would be barred by statutes of limitation.
Within companies, attitudes toward compliance are fluid and reflect economic sentiment, according to Pat Harned, CEO of the Ethics & Compliance Initiative, an industry association in Arlington, Virginia. “Culture trumps compliance,” she says. “In very good economic times, companies are willing to take risks. In tough economic times, the tone from the top is much different.”
As she speaks, the SEC, the Commodity Futures Trading Commission, the Office of the Comptroller of the Currency, and other regulators are pounding out some 400 new rules required by the Dodd-Frank Wall Street Reform and Consumer Protection Act, which was signed into law by President Barack Obama in July 2010 in response to the excesses of the mid-2000s.
One of the most hated restrictions, from the point of view of bankers, is a proposal from the U.S. Federal Reserve aimed at protecting taxpayers from a costly rescue of a megabank. Institutions with the heft (or maybe girth) to take down the financial system, like Lehman Brothers almost did in 2008, would be designated “global systemically important banks” by the Fed. Eight banks qualify, and JPMorgan is on the list because it’s big, complex, and interconnected.
Hyperbolic bankers make GSIB sound like the corporate equivalent of the red A Hester Prynne is forced to wear in The Scarlet Letter. GSIB is most certainly a buzz killer, because it would force banks to limit risk and keep more capital on hand for emergencies. For some, the old business isn’t worth all the new hassle. In April, General Electric announced plans to sell most of GE Capital and dodge another hated term: nonbank SIFI—systemically important financial institution.
Compliance people like Dodd-Frank for obvious reasons. Destree Rickard, managing director at executive search firm BarkerGilmore in Fairport, New York, says one job candidate claimed to have read all 2,300 pages of the law. “I said: ‘I can’t place you. You’re either boring or lying,’” Rickard says.
How much companies spend on compliance is anyone’s guess, experts say. The field is broad, covering everything from bribery to lending standards. And accounting for the cost is tricky. Do you include the expense of having every employee sit through an hour-long PowerPoint on graft? On the other side of the ledger, how do you measure the benefit of preventing fraudulent activity that didn’t happen?
Anti-regulation groups, however, are more than willing to quantify the horrors. The American Action Forum, which calls itself a “center-right” policy institute and is led by Douglas Holtz-Eakin, former director of the U.S. Congressional Budget Office, says gumming up capitalism with Dodd-Frank will cost the U.S. $895 billion in lost gross domestic product from 2016 to 2026.
The meter really starts to run when prevention fails. After German police raided the offices of Siemens at dawn in 2006, the U.S. government jumped in with charges that the Munich-based engineering firm had violated the Foreign Corrupt Practices Act by paying bribes to win contracts for transit systems in Venezuela, power plants in Israel, and refineries in Mexico. To deal with the matter, Siemens hired a legion of lawyers from Debevoise & Plimpton, who in turn hired consultants and accountants from Deloitte. Siemens paid the two firms $850 million, according to the Wall Street Journal, and then pleaded guilty and paid an $800 million settlement, a record under the FCPA. It paid another $800 million in Germany.
JPMorgan’s settlements and fines make Siemens’s look like a rounding error. The $36 billion it’s handed over since the financial crisis would pay for a whole lot of compliance gurus.
This story appears in the July/August special Rivalry Issue of Bloomberg Markets magazine.